Cvelist | added 2026/04/21 10:25 p.m. | 33 views

CVE-2026-41055 AVideo has an incomplete fix for CVE-2026-33039 (SSRF)

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal...

CVSS 8.6 | EPSS 0.00377
Exploits: 1 | References: 4
EUVD | added 2026/04/21 10:16 p.m. | 7 views

EUVD-2026-24525

WWBN AVideo is an open source video platform. In versions 29.0 and prior, objects/commentDelete.json.php is a state-mutating JSON endpoint that deletes comments but performs no CSRF validation. It does not call forbidIfIsUntrustedRequest, does not verify a CSRF/global token, and does not check...

CVSS 5.4 | AI score 5.6 | EPSS 0.00113
Exploits: 1 | References: 2
Vulnrichment | added 2026/04/21 10:14 p.m. | 3 views

CVE-2026-40928 AVideo: Missing CSRF Protection on State-Changing JSON Endpoints Enables Forced Comment Creation, Vote Manipulation, and Category Asset Deletion

WWBN AVideo is an open source video platform. In versions 29.0 and prior, multiple AVideo JSON endpoints under objects/ accept state-changing requests via $_REQUEST/$_GET and persist changes tied to the caller's session user, without any anti-CSRF token, origin check, or referer check. A malicious...

CVSS 5.4 | AI score 5.7 | EPSS 0.00115
Exploits: 1 | References: 2
EUVD | added 2026/04/21 10:12 p.m. | 4 views

EUVD-2026-24521

WWBN AVideo is an open source video platform. In versions 29.0 and prior, three admin-only JSON endpoints — objects/categoryAddNew.json.php, objects/categoryDelete.json.php, and objects/pluginRunUpdateScript.json.php — enforce only a role check Category::canCreateCategory / User::isAdmin and...

CVSS 7.1 | AI score 5.9 | EPSS 0.00166
Exploits: 1 | References: 2
CVE | added 2026/04/21 10:11 p.m. | 21 views

CVE-2026-5921

CVE-2026-5921 describes a server-side request forgery (SSRF) in GitHub Enterprise Server. The notebook rendering service can be reached via an open redirect chain when private mode is disabled, allowing an unauthenticated SSRF to internal services. A timing side-channel across a regex-filtered in...

CVSS 9.5 | AI score 5.8 | EPSS 0.00328
Exploits: 0 | References: 7 | Affected Software: 1
EUVD | added 2026/04/21 9:31 p.m. | 8 views

EUVD-2026-24241

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

CVSS 6.5 | AI score 5.3 | EPSS 0.00201
Exploits: 0 | References: 5
NVD | added 2026/04/21 9:16 p.m. | 4 views

CVE-2026-40938

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the git resolver's revision parameter is passed directly as a positional argument to git fetch without any validation...

CVSS 8.5 | EPSS 0.00788
Exploits: 1 | References: 10
CVE | added 2026/04/21 7:40 p.m. | 8 views

CVE-2026-40885

CVE-2026-40885 (goshs) involves a credential leakage in goshs, a Go-based SimpleHTTPServer. From 2.0.0-beta.4 to beta.5, the public collaborator feed leaks file-based ACL credentials and can expose a victim’s folder-specific Basic auth header to unauthenticated websocket observers. This enables a...

CVSS 8.8 | AI score 5.8 | EPSS 0.00311
Exploits: 1 | References: 1 | Affected Software: 1
CVE | added 2026/04/21 7:34 p.m. | 8 views

CVE-2026-41320

Frappe HR (open-source HRMS) has a SQL injection vulnerability affecting versions prior to 15.54.0 and 14.38.1, exploitable via a specially crafted request to a specific endpoint. The root cause is improper input handling leading to information disclosure. A fix is included in versions 15.54.0 an...

CVSS 6.5 | AI score 5.8 | EPSS 0.0022
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment | added 2026/04/21 7:34 p.m. | 3 views

CVE-2026-41320 Frappe HR has possibility of SQL Injection due to improper field sanitization

Frappe HR is an open-source human resources management solution HRMS. Prior to versions 15.54.0 and 14.38.1, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract information they wouldn't otherwise be able to. Versions 15.54.0 and...

CVSS 6.5 | AI score 5.8 | EPSS 0.0022
Exploits: 0 | References: 1
Vulnrichment | added 2026/04/21 7:21 p.m. | 3 views

CVE-2026-40878 mailcow-dockerized Login Page has Reflected Parameter Injection / Wrong-Context XSS Escaping

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the mailcow web interface passes the raw $_SERVER['REQUEST_URI'] to Twig as a global template variable and renders it inside a JavaScript string literal in the setLang helper of base.twig,...

CVSS 2.1 | AI score 5.8 | EPSS 0.00805
Exploits: 0 | References: 1
EUVD | added 2026/04/21 7:21 p.m. | 9 views

EUVD-2026-24262

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the mailcow web interface passes the raw $_SERVER['REQUEST_URI'] to Twig as a global template variable and renders it inside a JavaScript string literal in the setLang helper of base.twig,...

CVSS 2.1 | AI score 5.8 | EPSS 0.00805
Exploits: 0 | References: 1
Cvelist | added 2026/04/21 7:21 p.m. | 31 views

CVE-2026-40878 mailcow-dockerized Login Page has Reflected Parameter Injection / Wrong-Context XSS Escaping

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the mailcow web interface passes the raw $_SERVER['REQUEST_URI'] to Twig as a global template variable and renders it inside a JavaScript string literal in the setLang helper of base.twig,...

CVSS 2.1 | EPSS 0.00805
Exploits: 0 | References: 1
CVE | added 2026/04/21 7:21 p.m. | 19 views

CVE-2026-40878

CVE-2026-40878 affects mailcow: dockerized prior to 2026-03b. The web interface passes raw $_SERVER['REQUEST_URI'] to Twig as a global variable and renders it inside a JavaScript string in setLang(), relying on Twig’s HTML escaping rather than JS escaping. Additionally, the query_string() Twig he...

CVSS 2.1 | AI score 5.8 | EPSS 0.00805
Exploits: 0 | References: 1
EUVD | added 2026/04/21 7:19 p.m. | 4 views

EUVD-2026-24258

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the user dashboard's "Seen successful connections" login history renders the client IP from login logs without HTML escaping. Because the server trusts the X-Real-IP header as the source IP...

CVSS 7 | AI score 5.8 | EPSS 0.00182
Exploits: 0 | References: 1
Cvelist | added 2026/04/21 7:14 p.m. | 36 views

CVE-2026-40872 mailcow: dockerized vulnerable to stored XSS in autodiscover logs email address field

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the admin dashboard's Autodiscover logs render the EMailAddress value logged as the "user" field without HTML escaping. By submitting an unauthenticated Autodiscover request with a crafted...

CVSS 9.3 | EPSS 0.0028
Exploits: 0 | References: 1
Patchstack | added 2026/04/21 7:06 p.m. | 6 views

WordPress mCatFilter plugin <= 0.5.2 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin mCatFilter versions <= 0.5.2...

CVSS 4.3 | AI score 5.8 | EPSS 0.00165
Exploits: 0 | References: 1 | Affected Software: 1
Patchstack | added 2026/04/21 7:05 p.m. | 8 views

WordPress Ni WooCommerce Order Export plugin <= 3.1.6 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Ni WooCommerce Order Export versions <= 3.1.6...

CVSS 4.3 | AI score 5.8 | EPSS 0.00156
Exploits: 0 | References: 1 | Affected Software: 1
Patchstack | added 2026/04/21 7:02 p.m. | 5 views

WordPress Google PageRank Display plugin <= 1.4 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Google PageRank Display versions <= 1.4...

CVSS 4.3 | AI score 5.8 | EPSS 0.002
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment | added 2026/04/21 6:00 p.m. | 2 views

CVE-2026-6744 Bagisto Downloadable Link copy server-side request forgery

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

CVSS 6.5 | AI score 6.1 | EPSS 0.00201
Exploits: 0 | References: 4